Critical new details emerge in Apple's encryption battle with the government

Updated: FBI requested Apple ID password reset, county says

Update February 20: San Bernardino County officials said Friday evening that the county reset the iCloud password linked to terrorist attacker Syed Farook's iPhone 5C because the FBI requested it.

"The County was working cooperatively with the FBI when it reset the iCloud password at the FBI's request," read a tweet from the county's official account.

A county spokesman confirmed to BuzzFeed News the tweet is an authentic statement. We've asked Apple, the FBI and the Department of Justice for further comment, and will update this article if we hear back.

Apple said Friday that if this password hadn't changed, the iPhone might have backed up data the FBI is seeking to iCloud. The FBI is demanding Apple create a special version of iOS to access Farook's phone, what Apple says is a backdoor into the iPhone and a tool too dangerous to create. The Department of Justice issued a motion Friday seeking to force Apple to comply with a court order that it assist the FBI by creating the special operating system.

Original article below...

According to senior Apple executives, speaking anonymously on a call with reporters Friday, the Apple ID password linked to the iPhone 5C used by San Bernardino terrorist attacker Syed Farook was reset soon after the government seized the device.

A county worker (Farook worked for the San Bernardino Health Department and the iPhone was its property) seemingly changed the password. This eliminated any chance of the phone backing up the data to iCloud that the feds now want to access, the Apple executives said.

In a motion filed Friday, the DOJ indicated someone at the San Bernardino Health Department had changed the Apple ID password, but it only mentions this in a single footnote of the 35-page document.

"[N]either the owner nor the government knew the password to the iCloud account, and the owner, in an attempt to gain access to some information in the hours after the attack, was able to reset the password remotely, but that had the effect of eliminating the possibility of an auto-backup," the footnote read.

Now, Apple finds itself resisting government demands that it build a backdoor into its iPhone software. The DOJ's motion asks a court to compel Apple to comply with an earlier court order that it assist the FBI by creating a special version of iOS to access the iPhone. The DOJ called Apple's refusal to do so a "marketing strategy."

The Apple executives spoke out in response to the DOJ's motion. They said Apple began working with the government in January, proposing four options to retrieve the iPhone data, each of which is outlined in the same DOJ footnote.

One option was to connect the iPhone to a known Wi-Fi network, possibly sparking a backup. Apple suggested the government first try Farook's home and then his workplace. Apple engineers assisted in the process, the executives said, but they discovered it wasn't feasible.

Only then did Apple learn that the password had been changed. According to the executives, no changed password, and the feds wouldn't need Apple to build a backdoor into the iPhone.

The Apple execs said they decided to reveal these details because the government made public the recovery methods it discussed with Apple in Friday's motion.

The executives reiterated that creating a backdoor into the iPhone would put all Apple customers' privacy at risk, and would create a master key for encryption that could be used on any number of devices.

There's a chance an iCloud backup never would have happened after Farook's iPhone was in the government's possession regardless of the password change. The feds have data from iCloud backups prior to October 19, 2015, but the backups stop after that date - authorities think Farook may have turned off the feature. However, there's no way to know that for sure, and now, it's too late.